add-apt-repository ppa:webupd8team/java
apt-get update
apt-get install oracle-java8-installer -y
chmod +x elasticsearch-6.1.3.deb
dpkg -i /home/ubuntu/elasticsearch-6.1.3.deb
Changed elasticsearch.yml as follows:
network.host: 0.0.0.0
http.port: 9200
update-rc.d elasticsearch defaults 95 10
service elasticsearch restart
I accessed ES at https://<hostname>:<HTTP port> and I got the output below:
{
  "name" : "acvff",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "-Hqx5vMgSbaZdM4-hjzMEQ",
  "version" : {
    "number" : "6.1.3",
    "build_hash" : "601be4a",
    "build_date" : "2017-11-04T09:22:03.333Z",
    "build_snapshot" : false,
    "lucene_version" : "7.0.1",
    "minimum_wire_compatibility_version" : "5.6.0",
    "minimum_index_compatibility_version" : "5.0.0"
  },
  "tagline" : "You Know, for Search"
}
root@ip-10-0-0-248:/usr/share/elasticsearch# bin/elasticsearch-plugin install -b com.floragunn:search-guard-6:6.1.3-21.0
-> Downloading com.floragunn:search-guard-6:6.1.3-21.0 from maven central
[=================================================] 100%
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: plugin requires additional permissions @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
* java.io.FilePermission /proc/sys/net/core/somaxconn read
* java.lang.RuntimePermission accessClassInPackage.sun.misc
* java.lang.RuntimePermission accessClassInPackage.sun.security.x509
* java.lang.RuntimePermission accessDeclaredMembers
* java.lang.RuntimePermission accessUserInformation
* java.lang.RuntimePermission getClassLoader
* java.lang.RuntimePermission loadLibrary.*
* java.lang.RuntimePermission setContextClassLoader
* java.lang.RuntimePermission shutdownHooks
* java.lang.reflect.ReflectPermission suppressAccessChecks
* java.net.NetPermission getNetworkInformation
* java.net.SocketPermission * connect,accept,resolve
* java.security.SecurityPermission getProperty.ssl.KeyManagerFactory.algorithm
* java.security.SecurityPermission insertProvider.BC
* java.security.SecurityPermission putProviderProperty.BC
* java.security.SecurityPermission setProperty.ocsp.enable
* java.util.PropertyPermission com.sun.security.enableCRLDP write
* java.util.PropertyPermission es.set.netty.runtime.available.processors write
* java.util.PropertyPermission java.security.debug write
* java.util.PropertyPermission java.security.krb5.conf write
* java.util.PropertyPermission javax.security.auth.useSubjectCredsOnly write
* java.util.PropertyPermission jdk.tls.rejectClientInitiatedRenegotiation write
* java.util.PropertyPermission sun.nio.ch.bugLevel write
* java.util.PropertyPermission sun.security.krb5.debug write
* java.util.PropertyPermission sun.security.spnego.debug write
* javax.security.auth.AuthPermission doAs
* javax.security.auth.AuthPermission modifyPrivateCredentials
* javax.security.auth.kerberos.ServicePermission * accept
for descriptions of what these permissions allow and the associated risks.
-> Installed search-guard-6
root@ip-10-0-0-248:/usr/share/elasticsearch# cd plugins/search-guard-6/tools/
root@ip-10-0-0-248:/usr/share/elasticsearch/plugins/search-guard-6/tools# ls
hash.bat hash.sh install_demo_configuration.sh sgadmin.bat sgadmin.sh
root@ip-10-0-0-248:/usr/share/elasticsearch/plugins/search-guard-6/tools# ./install_demo_configuration.sh
bash: ./install_demo_configuration.sh: Permission denied
root@ip-10-0-0-248:/usr/share/elasticsearch/plugins/search-guard-6/tools# chmod +x install_demo_configuration.sh
root@ip-10-0-0-248:/usr/share/elasticsearch/plugins/search-guard-6/tools# ls
hash.bat hash.sh install_demo_configuration.sh sgadmin.bat sgadmin.sh
root@ip-10-0-0-248:/usr/share/elasticsearch/plugins/search-guard-6/tools# ./install_demo_configuration.sh
Search Guard 6 Demo Installer
** Warning: Do not use on production or public reachable systems **
Install demo certificates? [y/N] y
Initialize Search Guard? [y/N] y
Cluster mode requires maybe additional setup of:
- Virtual memory (vm.max_map_count)
Enable cluster mode? [y/N] y
Basedir: /usr/share/elasticsearch
This script maybe require your root password for 'sudo' privileges
Elasticsearch install type: rpm/deb on DISTRIB_ID=Ubuntu
Elasticsearch config dir: /etc/elasticsearch
Elasticsearch config file: /etc/elasticsearch/elasticsearch.yml
Elasticsearch bin dir: /usr/share/elasticsearch/bin
Elasticsearch plugins dir: /usr/share/elasticsearch/plugins
Elasticsearch lib dir: /usr/share/elasticsearch/lib
Detected Elasticsearch Version: cli-6.1.3
Detected Search Guard Version: 6.1.3-21.0
### Success
### Execute this script now on all your nodes and then start all nodes
### Search Guard will be automatically initialized.
### If you like to change the runtime configuration
### change the files in ../sgconfig and execute:
sudo /usr/share/elasticsearch/plugins/search-guard-6/tools/sgadmin.sh -cd /usr/share/elasticsearch/plugins/search-guard-6/sgconfig -icl -key /etc/elasticsearch/kirk-key.pem -cert /etc/elasticsearch/kirk.pem -cacert /etc/elasticsearch/root-ca.pem -nhnv
### or run ./sgadmin_demo.sh
### To access your Search Guard secured cluster open https://<hostname>:<HTTP port> and log in with admin/admin.
### (Ignore the SSL certificate warning because we installed self-signed demo certificates)
root@ip-10-0-0-110:/usr/share/elasticsearch/plugins/search-guard-6/sgconfig# service elasticsearch restart
* Stopping Elasticsearch Server [ OK ]
* Starting Elasticsearch Server [ OK ]
root@ip-10-0-0-110:/usr/share/elasticsearch/plugins/search-guard-6/sgconfig# cd
root@ip-10-0-0-110:~# sudo /usr/share/elasticsearch/plugins/search-guard-6/tools/sgadmin.sh -cd /usr/share/elasticsearch/plugins/search-guard-6/sgconfig -icl -key /etc/elasticsearch/kirk-key.pem -cert /etc/elasticsearch/kirk.pem -cacert /etc/elasticsearch/root-ca.pem -nhnv
WARNING: JAVA_HOME not set, will use /usr/bin/java
Search Guard Admin v6
Will connect to localhost:9300 ... done
Elasticsearch Version: 6.1.3
Search Guard Version: 6.1.3-21.0
Connected as CN=kirk,OU=client,O=client,L=Test,C=DE
Contacting elasticsearch cluster 'elasticsearch' and wait for YELLOW clusterstate ...
Clustername: searchguard_demo
Clusterstate: YELLOW
Number of nodes: 1
Number of data nodes: 1
searchguard index already exists, so we do not need to create one.
INFO: searchguard index state is YELLOW, it seems you miss some replicas
Populate config from /usr/share/elasticsearch/plugins/search-guard-6/sgconfig/
Will update 'sg/config' with /usr/share/elasticsearch/plugins/search-guard-6/sgconfig/sg_config.yml
FAIL: Configuration for 'config' failed because of java.lang.IllegalArgumentException: Rejecting mapping update to [searchguard] as the final mapping would have more than 1 type: [sg, doc]
Will update 'sg/roles' with /usr/share/elasticsearch/plugins/search-guard-6/sgconfig/sg_roles.yml
FAIL: Configuration for 'roles' failed because of java.lang.IllegalArgumentException: Rejecting mapping update to [searchguard] as the final mapping would have more than 1 type: [sg, doc]
Will update 'sg/rolesmapping' with /usr/share/elasticsearch/plugins/search-guard-6/sgconfig/sg_roles_mapping.yml
FAIL: Configuration for 'rolesmapping' failed because of java.lang.IllegalArgumentException: Rejecting mapping update to [searchguard] as the final mapping would have more than 1 type: [sg, doc]
Will update 'sg/internalusers' with /usr/share/elasticsearch/plugins/search-guard-6/sgconfig/sg_internal_users.yml
FAIL: Configuration for 'internalusers' failed because of java.lang.IllegalArgumentException: Rejecting mapping update to [searchguard] as the final mapping would have more than 1 type: [sg, doc]
Will update 'sg/actiongroups' with /usr/share/elasticsearch/plugins/search-guard-6/sgconfig/sg_action_groups.yml
FAIL: Configuration for 'actiongroups' failed because of java.lang.IllegalArgumentException: Rejecting mapping update to [searchguard] as the final mapping would have more than 1 type: [sg, doc]
FAIL: Expected 1 nodes to return response, but got only 0
Done with failures
I got the error below